Israeli Spyware Firm Accused Of Hacking Apple, Facebook And Google Responds (Updated)
Getty
Israeli spyware from NSO has made plenty of headlines this year, most recently back in May when it was exposed as the culprit in a high-profile WhatsApp hack that had enabled nation-states to target specific phones, installing spyware through voice calls on both iPhone and Android devices whether or not a user answered an infected call.
That hack was first reported by the Financial Times, and the same newspaper has continued to investigate, publishing a report today (July 19) that exposes sales claims being made by NSO that "its [Pegasus] technology can surreptitiously scrape all of an individualâs data from the servers of Apple, Google, Facebook, Amazon and Microsoft." According to the FT, NSO "did not specifically deny that it had developed the capability," described in documents seen by the newspaper.
After the report was published, an NSO spokesperson told me that "the Financial Times got it wrong. NSOâs products do not provide the type of collection capabilities and access to cloud applications, services, or infrastructure suggested in this article."
The FT suggested that an infected phone provides NSO's software with the authentication keys for cloud servicesâincluding Google Drive, Facebook Messenger and iCloudâaccessed by that device. And given that smartphones have now become the individual entry points into our cloud-based world, the implications of this will raise serious concerns. The FT cites one of the sales documents it has seen, claiming this is done without "prompting 2-step verification or warning email on a target device."
The NSO spokesperson said that "increasingly sophisticated terrorists and criminals are taking advantage of encrypted technologies to plan and conceal their crimes, leaving intelligence and law enforcement agencies in the dark and putting public safety and national security at risk. NSOâs lawful interception products are designed to confront this challenge."
NSO's Pegasus software has been described as the most sophisticated spyware smartphone of its kind and has become a highly-prized export for the Israeli government to help the company market to foreign states. The fact that Israel has been accused of allowing sales of the technology to countries like Saudi Arabia and the UAE carries geopolitical interest given the context and the developing situation in the Middle East.
"Our products are licensed in small scale to legitimate government intelligence and law enforcement agencies for the sole purpose of preventing or investigating serious crime, including terrorism," the company's spokesperson told me.
The FT report cited an NSO sales pitch, seen by the newspaper and prepared for the Ugandan government, which claimed that "having access to a 'cloud endpoint' means eavesdroppers can reach 'far and above smartphone content', allowing information about a target to 'roll in' from multiple apps and services." This suggests that compromising data on a phone or using the phone as an eavesdropping endpoint, is not enough. The phone can be hacked to such an extent that it provides the keys to the entire digital kingdomâthe cloud-based ecosystem within which it operates.
According to the FT, Amazon claimed there was no evidence of such a hack having access to its systems, but assuredâas did Facebookâthat it would review the claims. Microsoft and Apple responded with assurances around the continually developing security features on their platforms. Google didn't comment.
">
Israeli spyware from NSO has made plenty of headlines this year, most recently back in May when it was exposed as the culprit in a high-profile WhatsApp hack that had enabled nation-states to target specific phones, installing spyware through voice calls on both iPhone and Android devices whether or not a user answered an infected call.
That hack was first reported by the Financial Times, and the same newspaper has continued to investigate, publishing a report today (July 19) that exposes sales claims being made by NSO that "its [Pegasus] technology can surreptitiously scrape all of an individualâs data from the servers of Apple, Google, Facebook, Amazon and Microsoft."Â According to the FT, NSO "did not specifically deny that it had developed the capability," described in documents seen by the newspaper.
After the report was published, an NSO spokesperson told me that "the Financial Times got it wrong. NSOâs products do not provide the type of collection capabilities and access to cloud applications, services, or infrastructure suggested in this article."
The FTÂ suggested that an infected phone provides NSO's software with the authentication keys for cloud servicesâincluding Google Drive, Facebook Messenger and iCloudâaccessed by that device. And given that smartphones have now become the individual entry points into our cloud-based world, the implications of this will raise serious concerns. The FT cites one of the sales documents it has seen, claiming this is done without "prompting 2-step verification or warning email on a target device."
The NSO spokesperson said that "increasingly sophisticated terrorists and criminals are taking advantage of encrypted technologies to plan and conceal their crimes, leaving intelligence and law enforcement agencies in the dark and putting public safety and national security at risk. NSOâs lawful interception products are designed to confront this challenge."
NSO's Pegasus software has been described as the most sophisticated spyware smartphone of its kind and has become a highly-prized export for the Israeli government to help the company market to foreign states. The fact that Israel has been accused of allowing sales of the technology to countries like Saudi Arabia and the UAE carries geopolitical interest given the context and the developing situation in the Middle East.
"Our products are licensed in small scale to legitimate government intelligence and law enforcement agencies for the sole purpose of preventing or investigating serious crime, including terrorism," the company's spokesperson told me.
The FTÂ report cited an NSO sales pitch, seen by the newspaper and prepared for the Ugandan government, which claimed that "having access to a 'cloud endpoint' means eavesdroppers can reach 'far and above smartphone content', allowing information about a target to 'roll in' from multiple apps and services."Â This suggests that compromising data on a phone or using the phone as an eavesdropping endpoint, is not enough. The phone can be hacked to such an extent that it provides the keys to the entire digital kingdomâthe cloud-based ecosystem within which it operates.
According to the FT, Amazon claimed there was no evidence of such a hack having access to its systems, but assuredâas did Facebookâthat it would review the claims. Microsoft and Apple responded with assurances around the continually developing security features on their platforms. Google didn't comment.
Gloss